-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ejabberdctl request_certificate crashes #4267
Comments
I added processone/p1_acme@cd292d0 in p1_acme library that i think will help with that error. |
I get the same error as svbergerem reported here. Tried to fix it by recompiling ejabberd with the commit cd292d0 (and ef06ff8) to p1_acme, however, the problem still persists. Output of
|
You could apply this debugging patch. It allows you to check if ejabberd is really using the patched p1_acme binaries, and also prints the arguments that provoke the crash: diff --git a/src/p1_acme.erl b/src/p1_acme.erl
index 8e22352..211d52f 100644
--- a/src/p1_acme.erl
+++ b/src/p1_acme.erl
@@ -910,6 +910,7 @@ jose_json(#state{account = {Key, AccURL}, nonce = Nonce} = State, Data, URL) ->
end,
JwsMap0 = #{<<"nonce">> => Nonce,
<<"url">> => iolist_to_binary(URL)},
+ ?INFO_MSG("JOSE privkey: ~p~npubkey: ~p", [PrivKey, PubKey]),
JwsMap = case AccURL of
undefined ->
{_, BinaryPubKey} = jose_jwk:to_binary(PubKey),
@@ -919,7 +920,7 @@ jose_json(#state{account = {Key, AccURL}, nonce = Nonce} = State, Data, URL) ->
JwsMap0#{<<"kid">> => iolist_to_binary(AccURL)}
end,
JwsObj = jose_jws:from(maps:merge(JwsMap, AlgMap)),
- ?DEBUG("JOSE payload: ~s~nJOSE protected: ~p", [Data, JwsObj]),
+ ?INFO_MSG("JOSE payload: ~s~nJOSE protected: ~p", [Data, JwsObj]),
{_, JoseJSON} = jose_jws:sign(PrivKey, Data, JwsObj),
encode_json(JoseJSON).
|
Thank you for your input. You are right with your assumption, my test ejabberd was indeed compiled with a p1_acme version tagged 1.0.23 instead of the latest head, although I placed the current version in the deps directory. My mistake. Now with commits cd292d0 and ef06ff8 correctly applied during compilation, certificate renewal works as expected. |
How did you resolve it? I don't understand how to compile it against p1_acme HEAD. Can someone explain what I need to do? Also on Arch Linux. I hope this is fixed in the next releases soon... |
@a4r7gc4ttfwsqcey Make sure to have the |
@knoelli Thank you so much man, just did that and it worked perfectly! |
Environment
Errors from error.log/crash.log
(replaced my domain by example.org)
Bug description
In addition to the error above,
ejabberdctl request_certificate all
(as well asejabberdctl request_certificate "example.org"
) crashes as well:The text was updated successfully, but these errors were encountered: